static pcscd + ccid

[areqq]

Is there a way to build a static pcscd + ccid that doesn’t require libccid.so?

I would like to get one binary file sufficient to operate, without any system dependencies.

[LudovicRousseau]

pcsc-lite has a define PCSCLITE_STATIC_DRIVER used in https://github.com/LudovicRousseau/PCSC/blob/master/src/ifdwrapper.c#L91

But I never used it.

I guess it will not work with USB hotplug.

[LudovicRousseau]

I am able to build pcscd + ccid but:

• hotplug does not work so you would have to hardcode the reader identifier (surprisingly it works)
• or implement a new device detection using libusb

[LudovicRousseau]

What benefits do you expect from a static link pcscd + libccid?

[areqq]

Thanks for taking up the report and checking the possibilities. The main goal and benefit is to provide a working statically linked application, along with a static daemon, working without system requirements and dependencies.

[LudovicRousseau]

My pcscd (linked statically with libccid) has many other dependencies:

$ ldd pcscd
	linux-vdso.so.1 (0x00007fc4a7a46000)
	libpolkit-gobject-1.so.0 => /lib/x86_64-linux-gnu/libpolkit-gobject-1.so.0 (0x00007fc4a79ce000)
	libgobject-2.0.so.0 => /lib/x86_64-linux-gnu/libgobject-2.0.so.0 (0x00007fc4a796b000)
	libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x00007fc4a781c000)
	libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007fc4a7707000)
	libusb-1.0.so.0 => /lib/x86_64-linux-gnu/libusb-1.0.so.0 (0x00007fc4a76e7000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fc4a74ef000)
	libgio-2.0.so.0 => /lib/x86_64-linux-gnu/libgio-2.0.so.0 (0x00007fc4a72fa000)
	libffi.so.8 => /lib/x86_64-linux-gnu/libffi.so.8 (0x00007fc4a72ed000)
	libatomic.so.1 => /lib/x86_64-linux-gnu/libatomic.so.1 (0x00007fc4a72e3000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007fc4a71fd000)
	libpcre2-8.so.0 => /lib/x86_64-linux-gnu/libpcre2-8.so.0 (0x00007fc4a7159000)
	libcap.so.2 => /lib/x86_64-linux-gnu/libcap.so.2 (0x00007fc4a714d000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fc4a7a48000)
	libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007fc4a7108000)
	libgmodule-2.0.so.0 => /lib/x86_64-linux-gnu/libgmodule-2.0.so.0 (0x00007fc4a7101000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007fc4a70e1000)
	libmount.so.1 => /lib/x86_64-linux-gnu/libmount.so.1 (0x00007fc4a706a000)
	libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1 (0x00007fc4a703a000)
	libblkid.so.1 => /lib/x86_64-linux-gnu/libblkid.so.1 (0x00007fc4a6fdb000)

If I disable libsystemd and polkit I still get:

ldd builddir/pcscd
	linux-vdso.so.1 (0x00007f7d2f928000)
	libusb-1.0.so.0 => /lib/x86_64-linux-gnu/libusb-1.0.so.0 (0x00007f7d2f8b0000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f7d2f6ba000)
	libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007f7d2f675000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f7d2f92a000)
	libcap.so.2 => /lib/x86_64-linux-gnu/libcap.so.2 (0x00007f7d2f669000)

[LudovicRousseau]

Using a static link with ONE driver will have many limitations and would need writing a new hotplug code. I do not plan to work on it now.

I worked on a POC:

• the reader identification is hardcoded as "usb:058f/9540:libudev:0:/dev/bus/usb/001/005"
• the reader must be connected when pcscd is started

Here is the patch:

diff --git a/meson.build b/meson.build
index 9cb3a2b8..535e7e43 100644
--- a/meson.build
+++ b/meson.build
@@ -143,6 +143,15 @@ if pcsc_arch == 'Darwin'
 endif
 conf_data.set_quoted('PCSC_ARCH', pcsc_arch)
 
+# static driver link
+if get_option('static-driver') != ''
+  conf_data.set('PCSCLITE_STATIC_DRIVER', 1)
+  conf_data.set('IFDHANDLERv3', 1)
+  pcscd_dep += declare_dependency(link_args : get_option('static-driver'))
+  pcscd_dep += dependency('libusb-1.0')
+  features += 'static=' + get_option('static-driver')
+endif
+
 features +=  pcsc_arch
 features += target_machine.cpu()
 features += 'ipcdir=' + get_option('ipcdir')
diff --git a/meson.options b/meson.options
index f0b58cac..7a5d805d 100644
--- a/meson.options
+++ b/meson.options
@@ -53,3 +53,8 @@ option('filter_names',
   type : 'boolean',
   value : true,
   description : 'reader filtering using PCSCLITE_FILTER_IGNORE_READER_NAMES and PCSCLITE_FILTER_EXTEND_READER_NAMES')
+
+option('static-driver',
+  type : 'string',
+  value : '',
+  description : 'link with a specific driver')
diff --git a/src/pcscdaemon.c b/src/pcscdaemon.c
index 7dc804df..b1ada158 100644
--- a/src/pcscdaemon.c
+++ b/src/pcscdaemon.c
@@ -771,6 +771,18 @@ int main(int argc, char **argv)
 	}
 
 	RFWaitForReaderInit();
+#else
+	{
+		const char * deviceName = "usb:058f/9540:libudev:0:/dev/bus/usb/001/005";
+
+		rv = RFAddReader("Static reader", PCSCLITE_HP_BASE_PORT + 0,
+			"fakelib", deviceName);
+		if (SCARD_S_SUCCESS != rv)
+		{
+			Log2(PCSC_LOG_ERROR, "Failed adding device: %s", deviceName);
+			at_exit();
+		}
+	}
 #endif
 
 	/* initialization succeeded */

First build libccid generating a static library using: meson setup builddir -Ddefault_library=static.
You need to install libccid so that the driver can find its configuration file /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist.

Build pcsc-lite using something like: ./c.sh -Dstatic-driver=[your path]/CCID/builddir/libccid.a -Dlibudev=false -Dlibsystemd=false -Dpolkit=false -Dlibusb=true

[LudovicRousseau]

@areqq if this feature is important for you, you can contact me by email
https://blog.apdu.fr/articles/about_me/

[areqq]

Sorry for the poor responsiveness and delays - I'm on a trip.
I didn't expect a static build to be so problematic.

As you've noticed, just statically linking libccid is not enough, libc/libusb and the rest should be statically linked as well.

Without hotplug it would still be usable for me, even with passing reader identification as a parameter/system variable, but without hardcoding in the code.